Tag: Security

Latest Articles

Why a Potential Autodiscover Flaw is Just the Tip of an Iceberg

It's often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange - however, the Autodiscover protocol isn't flawed in the way they describe. Even though the issue is hard to replicate, it shouldn't distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.

September 28, 2021

Hot Air and Publicity for Purported Autodiscover Security Flaw

Lots of excitement was generated when Guardicore revealed a purported vulnerability with the Exchange Autodiscover service. However, the almost total lack of detail about the configuration used for testing and to generate the reported results makes it impossible for Exchange administrators to check the theory against their own deployment. I don't think a problem exists with Exchange Online, but it's possible that poor DNS practice or flawed third-party clients could cause an issue with on-premises servers. The case remains to be proved.

September 23, 2021

The Practical 365 Update: S2, Ep 16 – Critical Exchange patches, new Teams and OneDrive features and we deep-dive on Information Barriers

On the show this week, Steve is joined by Patrick van Bemmelen to talk about how you can stop internal sharing with Information Barriers., And in important news we discuss the latest Exchange Server updates you need to apply TODAY, how the FBI have been accessing Exchange Servers - and we cover the latest updates available for Microsoft Teams, OneDrive, Outlook and more.

April 16, 2021
Flash Flood Warning! You Just Setup MCAS One comment
Drowning in Microsoft Cloud App Security email alerts

Flash Flood Warning! You Just Setup MCAS

Microsoft MVP Amy Babinchak reveals how Office365 administrators can turn Microsoft Cloud App Security (MCAS) into a manageable and indispensable tool for organizations. This is achieved with several simple, tried and true methods that will reduce the amount of information alerts while highlighting severe, actionable alerts which are detailed in this article.

April 6, 2021